-rw-r--r--security/krb5-16/Makefile1
-rw-r--r--security/krb5-16/files/patch-kadmin::v4server::kadm_ser_wrap.c26
-rw-r--r--security/krb5-17/Makefile1
-rw-r--r--security/krb5-17/files/patch-kadmin::v4server::kadm_ser_wrap.c26
-rw-r--r--security/krb5-appl/Makefile1
-rw-r--r--security/krb5-appl/files/patch-kadmin::v4server::kadm_ser_wrap.c26
-rw-r--r--security/krb5/Makefile1
-rw-r--r--security/krb5/files/patch-kadmin::v4server::kadm_ser_wrap.c26
8 files changed, 108 insertions, 0 deletions
diff --git a/security/krb5-16/Makefile b/security/krb5-16/Makefile
index f2b7f85423f0..ee035fabec97 100644
--- a/security/krb5-16/Makefile
+++ b/security/krb5-16/Makefile
@@ -7,6 +7,7 @@
PORTNAME= krb5
PORTVERSION= 1.2.6
+PORTREVISION= 1
CATEGORIES= security
.if defined(USA_RESIDENT) && ${USA_RESIDENT} == "NO"
MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/
diff --git a/security/krb5-16/files/patch-kadmin::v4server::kadm_ser_wrap.c b/security/krb5-16/files/patch-kadmin::v4server::kadm_ser_wrap.c
new file mode 100644
index 000000000000..2fa89e96690b
--- /dev/null
+++ b/security/krb5-16/files/patch-kadmin::v4server::kadm_ser_wrap.c
@@ -0,0 +1,26 @@
+--- kadmin/v4server/kadm_ser_wrap.c.orig Tue May 23 14:44:50 2000
++++ kadmin/v4server/kadm_ser_wrap.c Wed Oct 23 15:15:24 2002
+@@ -170,14 +170,21 @@
+ u_char *retdat, *tmpdat;
+ int retval, retlen;
+
+- if (strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) {
++ if ((*dat_len < KADM_VERSIZE + sizeof(krb5_ui_4))
++ || strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) {
+ errpkt(dat, dat_len, KADM_BAD_VER);
+ return KADM_BAD_VER;
+ }
+ in_len = KADM_VERSIZE;
+ /* get the length */
+- if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0)
++ if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0
++ || (r_len > *dat_len - KADM_VERSIZE - sizeof(krb5_ui_4))
++ || (*dat_len - r_len - KADM_VERSIZE -
++ sizeof(krb5_ui_4) > sizeof(authent.dat))) {
++ errpkt(dat, dat_len, KADM_LENGTH_ERROR);
+ return KADM_LENGTH_ERROR;
++ }
++
+ in_len += retc;
+ authent.length = *dat_len - r_len - KADM_VERSIZE - sizeof(krb5_ui_4);
+ memcpy((char *)authent.dat, (char *)(*dat) + in_len, authent.length);
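Review bot: The added guards mix `*dat_len` with `sizeof(krb5_ui_4)`, so each comparison is evaluated as unsigned; the declarations of `dat_len` and `r_len` sit above the hunk, but if `*dat_len` is a signed int, a negative value would convert to a very large one and pass `*dat_len < KADM_VERSIZE + sizeof(krb5_ui_4)`. If so, put an explicit `*dat_len < 0 ||` in front of that first comparison, or confirm that no caller can pass a negative length. The expression `*dat_len - r_len - KADM_VERSIZE - sizeof(krb5_ui_4)` now appears three times (two checks and the `authent.length` assignment); a comment before the second `if`, such as `/* authenticator length must not underflow and must fit authent.dat before the memcpy below */`, would state the invariant the copy relies on. The enclosing function begins and ends outside the hunk, and the same patch file is added unchanged under security/krb5-17, security/krb5-appl and security/krb5, so the point applies there as well.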
diff --git a/security/krb5-17/Makefile b/security/krb5-17/Makefile
index f2b7f85423f0..ee035fabec97 100644
--- a/security/krb5-17/Makefile
+++ b/security/krb5-17/Makefile
@@ -7,6 +7,7 @@
PORTNAME= krb5
PORTVERSION= 1.2.6
+PORTREVISION= 1
CATEGORIES= security
.if defined(USA_RESIDENT) && ${USA_RESIDENT} == "NO"
MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/
diff --git a/security/krb5-17/files/patch-kadmin::v4server::kadm_ser_wrap.c b/security/krb5-17/files/patch-kadmin::v4server::kadm_ser_wrap.c
new file mode 100644
index 000000000000..2fa89e96690b
--- /dev/null
+++ b/security/krb5-17/files/patch-kadmin::v4server::kadm_ser_wrap.c
@@ -0,0 +1,26 @@
+--- kadmin/v4server/kadm_ser_wrap.c.orig Tue May 23 14:44:50 2000
++++ kadmin/v4server/kadm_ser_wrap.c Wed Oct 23 15:15:24 2002
+@@ -170,14 +170,21 @@
+ u_char *retdat, *tmpdat;
+ int retval, retlen;
+
+- if (strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) {
++ if ((*dat_len < KADM_VERSIZE + sizeof(krb5_ui_4))
++ || strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) {
+ errpkt(dat, dat_len, KADM_BAD_VER);
+ return KADM_BAD_VER;
+ }
+ in_len = KADM_VERSIZE;
+ /* get the length */
+- if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0)
++ if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0
++ || (r_len > *dat_len - KADM_VERSIZE - sizeof(krb5_ui_4))
++ || (*dat_len - r_len - KADM_VERSIZE -
++ sizeof(krb5_ui_4) > sizeof(authent.dat))) {
++ errpkt(dat, dat_len, KADM_LENGTH_ERROR);
+ return KADM_LENGTH_ERROR;
++ }
++
+ in_len += retc;
+ authent.length = *dat_len - r_len - KADM_VERSIZE - sizeof(krb5_ui_4);
+ memcpy((char *)authent.dat, (char *)(*dat) + in_len, authent.length);
diff --git a/security/krb5-appl/Makefile b/security/krb5-appl/Makefile
index f2b7f85423f0..ee035fabec97 100644
--- a/security/krb5-appl/Makefile
+++ b/security/krb5-appl/Makefile
@@ -7,6 +7,7 @@
PORTNAME= krb5
PORTVERSION= 1.2.6
+PORTREVISION= 1
CATEGORIES= security
.if defined(USA_RESIDENT) && ${USA_RESIDENT} == "NO"
MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/
diff --git a/security/krb5-appl/files/patch-kadmin::v4server::kadm_ser_wrap.c b/security/krb5-appl/files/patch-kadmin::v4server::kadm_ser_wrap.c
new file mode 100644
index 000000000000..2fa89e96690b
--- /dev/null
+++ b/security/krb5-appl/files/patch-kadmin::v4server::kadm_ser_wrap.c
@@ -0,0 +1,26 @@
+--- kadmin/v4server/kadm_ser_wrap.c.orig Tue May 23 14:44:50 2000
++++ kadmin/v4server/kadm_ser_wrap.c Wed Oct 23 15:15:24 2002
+@@ -170,14 +170,21 @@
+ u_char *retdat, *tmpdat;
+ int retval, retlen;
+
+- if (strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) {
++ if ((*dat_len < KADM_VERSIZE + sizeof(krb5_ui_4))
++ || strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) {
+ errpkt(dat, dat_len, KADM_BAD_VER);
+ return KADM_BAD_VER;
+ }
+ in_len = KADM_VERSIZE;
+ /* get the length */
+- if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0)
++ if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0
++ || (r_len > *dat_len - KADM_VERSIZE - sizeof(krb5_ui_4))
++ || (*dat_len - r_len - KADM_VERSIZE -
++ sizeof(krb5_ui_4) > sizeof(authent.dat))) {
++ errpkt(dat, dat_len, KADM_LENGTH_ERROR);
+ return KADM_LENGTH_ERROR;
++ }
++
+ in_len += retc;
+ authent.length = *dat_len - r_len - KADM_VERSIZE - sizeof(krb5_ui_4);
+ memcpy((char *)authent.dat, (char *)(*dat) + in_len, authent.length);
diff --git a/security/krb5/Makefile b/security/krb5/Makefile
index f2b7f85423f0..ee035fabec97 100644
--- a/security/krb5/Makefile
+++ b/security/krb5/Makefile
@@ -7,6 +7,7 @@
PORTNAME= krb5
PORTVERSION= 1.2.6
+PORTREVISION= 1
CATEGORIES= security
.if defined(USA_RESIDENT) && ${USA_RESIDENT} == "NO"
MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/
diff --git a/security/krb5/files/patch-kadmin::v4server::kadm_ser_wrap.c b/security/krb5/files/patch-kadmin::v4server::kadm_ser_wrap.c
new file mode 100644
index 000000000000..2fa89e96690b
--- /dev/null
+++ b/security/krb5/files/patch-kadmin::v4server::kadm_ser_wrap.c
@@ -0,0 +1,26 @@
+--- kadmin/v4server/kadm_ser_wrap.c.orig Tue May 23 14:44:50 2000
++++ kadmin/v4server/kadm_ser_wrap.c Wed Oct 23 15:15:24 2002
+@@ -170,14 +170,21 @@
+ u_char *retdat, *tmpdat;
+ int retval, retlen;
+
+- if (strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) {
++ if ((*dat_len < KADM_VERSIZE + sizeof(krb5_ui_4))
++ || strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE)) {
+ errpkt(dat, dat_len, KADM_BAD_VER);
+ return KADM_BAD_VER;
+ }
+ in_len = KADM_VERSIZE;
+ /* get the length */
+- if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0)
++ if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0
++ || (r_len > *dat_len - KADM_VERSIZE - sizeof(krb5_ui_4))
++ || (*dat_len - r_len - KADM_VERSIZE -
++ sizeof(krb5_ui_4) > sizeof(authent.dat))) {
++ errpkt(dat, dat_len, KADM_LENGTH_ERROR);
+ return KADM_LENGTH_ERROR;
++ }
++
+ in_len += retc;
+ authent.length = *dat_len - r_len - KADM_VERSIZE - sizeof(krb5_ui_4);
+ memcpy((char *)authent.dat, (char *)(*dat) + in_len, authent.length);